Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-005841)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005841 advisory. jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has...

EUVD-2025-18920

Malicious code in bioql PyPI...

The vulnerability of the f_strflocaltime() function in the programming language JQ, which allows attackers to compromise the accessibility of protected information

The vulnerability of the fstrflocaltime function in the JavaScript programming language is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to compromise the accessibility of protected information...

DEBIAN-CVE-2025-49014

jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication...

UBUNTU-CVE-2025-49014

jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication...

CVE-2025-49014 jq heap use after free vulnerability in f_strflocaltime

jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication...

CVE-2025-49014

jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication...

CVE-2025-49014

CVE-2025-49014 : A heap use-after-free in jq 1.8.0 affects the function f_strflocaltime in /src/builtin.c. The issue is acknowledged as patched in commit 499c91bca9d4d027833bc62787d1bb075c03680e, with no known fixed version at publication. Connected sources corroborate the vulnerability in jq and...

jq 资源管理错误漏洞

jq is a lightweight and flexible command-line JSON processor from jqlang open source. A resource management error vulnerability exists in jq version 1.8.0, which stems from a post-release reuse issue in the function fstrflocaltime in the file /src/builtin.c. The vulnerability is caused by the use...